Forms Server 4 API

Description

This function verifies the correctness of all digital signatures in a given form whose root node is provided. It finds all items of type signature and calls VerifySignature for each signature. Errors are logged for all non valid signatures.

This function checks the following conditions for each signature:

The signature item contains mimedata.

The mimedata contains a hash value and signer certificate.

The signer certificate contains the same ID as that recorded in the signature item's signer option.

The signer certificate has not expired.

Function

Function VerifyAllSignatures(

reportAsErrorsFlag As Boolean

) As Integer

Parameters

Table 1. Function parameters

Expression

Type

Description

reportAsErrorsFlag

Boolean

Set to True if you want errors about the signatures to be reported by throwing an exception, or False if you want the error code to be only returned through the return value.

Returns

An integer having one of the following values:Table 2. return codes

Code

Status

FormNodeP.UFL_SIGS_OK

The signatures are valid.

FormNodeP.UFL_SIGS_NOTOK

One or more signatures are broken.

FormNodeP.UFL_SIGS_UNVERIFIED

One or more signatures are unverifiable.

FormNodeP.UFL_SIGS_VERIFIEDBUTNOTAUTHENTICATED

This value will only be returned on items that have an HMAC signature. It means that the data is valid, but the shared secret could not be checked for validity.

If one or more of the signatures is not valid and the reportAsErrorsFlag is true, an exception is thrown. On error, the function throws an exception.

Example

The following example uses VerifyAllSignatures to check all of the signatures in the form, then returns "Valid" if the signatures are okay or "Invalid" if they are not.